CVE-2025-5372

Libssh: incorrect return code handling in ssh_kdf() in libssh

Severity Score

5.0

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.

Se encontró una falla en las versiones de libssh compiladas con versiones de OpenSSL anteriores a la 3.0, específicamente en la función ssh_kdf(), responsable de la derivación de claves. Debido a la interpretación inconsistente de los valores de retorno, donde OpenSSL usa 0 para indicar un fallo y libssh usa 0 para éxito, la función puede devolver erróneamente un estado de éxito incluso cuando la derivación de claves falla. Esto provoca que se utilicen búferes de claves criptográficas sin inicializar en comunicaciones posteriores, lo que podría comprometer la confidencialidad, integridad y disponibilidad de las sesiones SSH.

Ronald Crane discovered that libssh incorrectly handled certain base64 conversions. An attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. Ronald Crane discovered that libssh incorrectly handled the privatekey_from_file function. An attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Network

Attack Complexity

High

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2025-05-30 CVE Reserved
2025-07-04 CVE Published
2025-07-08 CVE Updated
2025-07-10 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-682: Incorrect Calculation

CAPEC

References (2)

URL	Tag	Source
https://access.redhat.com/security/cve/CVE-2025-5372	Vdb Entry
https://bugzilla.redhat.com/show_bug.cgi?id=2369388	Issue Tracking

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Red Hat Search vendor "Red Hat"		Enterprise Linux Search vendor "Red Hat" for product "Enterprise Linux"				*		-		Affected
Redhat Search vendor "Redhat"		Openshift Search vendor "Redhat" for product "Openshift"				*		-		Affected
Opensuse Search vendor "Opensuse"		Leap Search vendor "Opensuse" for product "Leap"				*		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				*		-		Affected
Slackware Search vendor "Slackware"		Slackware Linux Search vendor "Slackware" for product "Slackware Linux"				*		-		Affected
Suse Search vendor "Suse"		Sle-module-basesystem Search vendor "Suse" for product "Sle-module-basesystem"				*		-		Affected
Suse Search vendor "Suse"		Sle Hpc Search vendor "Suse" for product "Sle Hpc"				*		-		Affected
Suse Search vendor "Suse"		Sled Search vendor "Suse" for product "Sled"				*		-		Affected
Suse Search vendor "Suse"		Sles Search vendor "Suse" for product "Sles"				*		-		Affected
Suse Search vendor "Suse"		Sles Sap Search vendor "Suse" for product "Sles Sap"				*		-		Affected